US20040172369A1 - Method and arrangement in a database - Google Patents

Method and arrangement in a database Download PDF

Info

Publication number
US20040172369A1
US20040172369A1 US10471844 US47184404A US20040172369A1 US 20040172369 A1 US20040172369 A1 US 20040172369A1 US 10471844 US10471844 US 10471844 US 47184404 A US47184404 A US 47184404A US 20040172369 A1 US20040172369 A1 US 20040172369A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
registry
user
application
entry
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10471844
Inventor
Jonas Persson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Smarttrust Systems Oy
Original Assignee
Smarttrust Systems Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/045Payment circuits characterized in that the payment protocol involves at least one ticket
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3576Multiple memory zones on card
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes with the personal data files for a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes involving intelligent token, e.g. electronic purse
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes involving intelligent token, e.g. electronic purse involving authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0823Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

The present invention relates to a smart card based registry database and is a database in which mobile terminal applications, SIM card based applications, PDA applications etc all can gain access, create new entries, read already stored information or update old information etc. How the information is used is up to the application, the registry only stores the information The registry comprises security such as authentication and encryption and can be used to improve existing applications.

Description

    FIELD OF THE INVENTION
  • [0001]
    The present invention relates to a method and arrangement in a database in accordance with the preambles of the independent claims. More specifically it relates to a secure smart card registry database.
  • BACKGROUND OF THE INVENTION
  • [0002]
    In the Windows™ environment there is a registry database containing information used by various applications from different vendors. Everyone has access to the registry. Everyone can read and write in the different entries as they please. However, such a public registry database is not suitable for storing of confidential data or data that not is intended to be cloned.
  • [0003]
    To attain security in open networks, several security solutions have appeared. One example is Public Key Infrastructure (PKI). PKI is a system used to distribute and check public keys that can be used to authenticate users, sign information or encrypt information. In a PKI system, two corresponding (also called asymmetric) keys are used in connection with protecting information. Information, which is encrypted with one of the two keys, can be decrypted only with the other key. One important feature of PKI systems is that it is computationally unfeasible to use knowledge of one of the keys to deduce the other key. In a typical PKI system, each of the systems possesses a set of two such keys. One of the keys is maintained private while the other is freely published.
  • [0004]
    A PKI distributes one or several public keys and determines whether a certain public key can be trusted for certain usage or not. An important concept in infrastructures built on public key cryptography is that of the Certification Authority (CA). The weakness in a public key system is that, even though it is desirable that the public keys for all users are easily available, it is also required to assert that it is truly known that a particular public key really belongs to the user that one is communicating with. This is what a CA is used for. It uses its good name to guarantee the correctness of a public key by signing a key.
  • [0005]
    What is further needed is a way of using PKI for storing data in a public registry database.
  • [0006]
    In cellular radio systems environments like the Global System for Mobile Communications (GSM), there is a Subscriber Identity Module (SIM) card that contains information required by a mobile phone to establish a call. The SIM card also contains information used by the user, such as Abbreviated Dialling Number (ADN) lists, Short Message Service (SMS) storage etc.
  • [0007]
    An external device such as a Personal Digital Assistant (PDA) can access the SIM card through a mobile phone's serial or Infrared Data Association (IrDA) port etc by using AT commands or mobile phones proprietary commands. (An AT command is a command language developed by Hayes Microcomputer Products, Inc. to control auto-dial modems from a dumb asynchronous terminal or a PC emulating such a terminal.) The devices can use all the SIM card commands such as CreateFile, UpdateBinary etc if the right PIN codes have been presented.
  • [0008]
    If there is an application on the mobile phone or the SIM such as WAP browser or SIM browser these can also access the SIM card. A disadvantage is that these programs (or the creator of the program) must know how to communicate with SIM card, which means that the SIM card commands from different SIM card manufacturers must be known. Also the administrative codes for each SIM card must be known if a new file is to be created. This is almost impossible.
  • SUMMARY OF THE INVENTION
  • [0009]
    The object of the present invention is to provide a smart card registry database where mobile terminal applications, SIM card based applications, PDA applications etc all can access this database, create new entries, read already stored information or update old information in a way of improved security.
  • [0010]
    The above-mentioned object is achieved by a method and a system according to the characterising part of the independent claims.
  • [0011]
    The smart card registry database provided by the present invention, comprising means for
  • [0012]
    creating an entry, which entry is associated with a root certificate, and which root certificate is signed and issued by a Certification Authority (CA);
  • [0013]
    receiving a request for accessing the created entry in the registry from any user application, said request comprising a certificate issued and signed by said CA, said certificate including a public key, said public key corresponding to a private key that said any user application owns;
  • [0014]
    using the obtained public key for challenging said any user application;
  • [0015]
    receiving a response of said challenge, encrypted by a private key of said any user application;
  • [0016]
    giving said any user application (106) access if the challenge response is successful,
  • [0017]
    makes it possible for any user application (106) to create an entry, which entry is accessible only for, by said any user application, selected user applications which implies improved security.
  • [0018]
    The method provided by the present invention comprising the steps of
  • [0019]
    creating an entry in the smart card registry database, which entry is associated with a toot certificate, and which toot certificate is signed and issued by a Certification Authority (CA);
  • [0020]
    any user application sending a request for access to the created entry in the registry, said request comprising a certificate issued and signed by the CA, said certificate including a public key, said public key corresponding to a private key that said any user application owns;
  • [0021]
    the registry (104) challenging said any user application by means of the obtained public key;
  • [0022]
    said any user application responding said challenge by means of its said private key and returning it to the registry;
  • [0023]
    if the challenge response is successful, giving said any user application (106) access to the created entry,
  • [0024]
    makes it possible for any user application to access this database, create new entries, read already stored information or update old information in a way of improved security.
  • [0025]
    An advantage with the present invention is that it makes it possible to store tickets, medical data etc. in a mobile phone in a secure way.
  • [0026]
    Preferred embodiments are set force in the dependent claims.
  • [0027]
    According to a first embodiment of the present invention, a value to be stored is combined with a certificate, which is retrieved from the registry, and the combination is signed by a user application and the signed value-certificate is stored in the smart card registry database.
  • [0028]
    An advantage with the first embodiment is that it can be checked by any user application reading the stored value whether the value is copied or manipulated.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0029]
    [0029]FIG. 1 shows an exemplary scenario wherein the registry according to the present invention is used.
  • [0030]
    [0030]FIG. 2a is a signalling sequence diagram showing an example of how to create an entry in the registry.
  • [0031]
    [0031]FIG. 2b is a signalling sequence diagram showing how to store data in a created entry in the registry.
  • [0032]
    [0032]FIG. 2c is a signalling sequence diagram showing how to read data in a created entry in the registry.
  • [0033]
    [0033]FIG. 3a is a signalling sequence diagram showing an example of how to create an entry with an associated certificate in the registry.
  • [0034]
    [0034]FIG. 3b is a signalling sequence diagram showing how to store data in a created entry with an associated certificate.
  • [0035]
    [0035]FIG. 3c is a signalling sequence diagram showing how to read data in a created entry with an associated certificate.
  • [0036]
    [0036]FIG. 4a is a signalling sequence diagram showing how to store a value, in a way that the value is protected against copying and manipulating.
  • [0037]
    [0037]FIG. 4b is a signalling sequence diagram showing how to find out that a read copy-protected value in the registry it is not copied or manipulated.
  • DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
  • [0038]
    The smart card based registry database according to the present invention and further on called the registry, is a database to which mobile terminal applications, SIM card based applications, PDA applications etc all can gain access, create new entries, read already stored information or update old information etc. How the information is used is up to the application, the registry only stores the information. The registry. comprises security such as authentication and encryption and can be used to improve existing applications.
  • [0039]
    [0039]FIG. 1 Shows an exemplary scenario wherein the registry according to the present invention is used. A smart card unit 102 comprising the registry 104 is accessible by one or more user applications, within this scenario by a first user application 106 and a second user application 108. The smart card 102 may be comprised e.g. in a portable unit such as a mobile phone, or PDA. The user application 106 is e.g. a mobile terminal application, a SIM card based application, a PDA application an electronic ticket application etc. that wishes to use the registry 104 for a safe storing of data. For example a person that wants to see a movie uses the WAP browser in his mobile phone to browse to a ticket-issuing unit within electronic cinema ticketing system and orders a ticket to the movie. He pays e.g. electronically. The first user application 106 in the ticket-issuing unit stores the electronic ticket in a registry 104 in the SIM card, i.e. a smart card 102, within the user's mobile phone. When the person comes to the cinema he connects to a ticket-receiving unit within the electronic cinema ticketing system via Bluetooth™ or IrDA or something else. The second user/application 108 within the ticket-receiving unit searches for the relevant ticket in the registry 104 and validates it.
  • [0040]
    Security The registry database is open for anyone but anyone has not access to all registry entries. An entry is defined as a “storage location” in the registry 104. The registry 104 is based on public key cryptography, e.g. on asymmetric encryption/decryption and signing, to attain security in the system. A certificate comprising a public key is stored in the registry 104. This certificate may be down loaded by any user application that requires protection for data to be stored in the registry 104. In the registry there is also a private key that corresponds to the public key in said certificate.
  • [0041]
    A first user application 106, that requires using the registry 104 for storing some data, creates an entry to the registry 104. If required, the first user application. 106 has a possibility to restrict who shall be granted access to the created entry. If so, one or more so called toot certificates are assigned to the entry. The owner of the root certificate is considered a local certification authority (CA) 110. This local CA 110 can be any entity, e.g. a user application 106. The purpose of the local CA 110 is to issue certificates. These certificates are used by different entities in the system. When the second user application 108 wants to read the information in the registry 104 it has to present a valid certificate that has been issued by the local CA 110 to the registry 104. The registry 104 then challenges the second user application 108. If the second user application 108 responses successfully to the challenge then access to the registry 104 is granted.
  • [0042]
    It is possible for a user application 106; 108 to add and remove root certificates to the created entry that grant access to the registry database.
  • [0043]
    It is further possible for the user application 106, 108 to make the choice to encrypt the data to be stored if so required.
  • [0044]
    It is also possible for the user application 106, 108, to make sure that the stored content is not copied, e.g. to another smart card registry. This is achieved with a certificate stored in the registry 104. The first user application 106 asks for a certificate from the registry 104. The data to be stored is combined with the newly received certificate and then signed by the first user application 106. The second user application 108 reads the stored information from the registry 104. The second user application 108 can now make sure that the content has not been copied by challenging the registry 104. The second user application 108 can also make sure that the stored data has not been manipulated by examining the first user application 106 signature.
  • [0045]
    To sum up, there are three levels of security of created entries in the registry 104.
  • [0046]
    First, when creating the entry without any restrictions, anyone is granted access to this entry.
  • [0047]
    Secondly, when associating one or more certificates to the created entry, only those who have got a valid certificate and are the owner of the certificate will be granted access to the entry when authorised.
  • [0048]
    Thirdly, using digital signatures to make sure that the data has not been manipulated or copied.
  • [0049]
    The proceedings when using the registry 104 with different levels of security will now be described more in detail referring to the signalling sequence diagrams in FIGS. 2-8
  • [0050]
    Using the Registry without Additional Certificates
  • [0051]
    Before storing anything in the registry, a registry entry must be created. This is shown in the signalling sequence diagram in FIG. 2a.
  • [0052]
    [0052]201 A “create an entry” command is sent from the user application 106; to the
  • [0053]
    registry 104.
  • [0054]
    [0054]202 An entry without restrictions is created in the registry 104 and an
  • [0055]
    acknowledgement is sent from the registry 104 to the user application 106.
  • [0056]
    [0056]FIG. 2b is a signalling sequence diagram showing how to store data, a so-called value, in a created entry in the registry.
  • [0057]
    [0057]211 A “write a value in the registry” command comprising the entry identity, the
  • [0058]
    name of the value and the value, is sent from the user application 106; to
  • [0059]
    the registry 104.
  • [0060]
    [0060]212 If successful writing to registry entry, the registry 104 will respond to the
  • [0061]
    user application 106 with an acknowledgement message, and if not
  • [0062]
    successful, with a non-acknowledgement message.
  • [0063]
    [0063]FIG. 2c is a signalling sequence diagram showing how to read data in a created entry in the registry. Anyone can read in an entry in the registry that not is restricted, but in this exemplary example, a first user application 106 has created an entry and stored a value in the created registry entry 104 and a second user application 108 wishes to read the value.
  • [0064]
    [0064]221 The second user application 108 sends a “read a value in the registry” command comprising the entry identity and the name of the value.
  • [0065]
    [0065]222 If the registry entry contains the relevant information, the registry 104 will send the requested value. If not, a non-acknowledgement is sent from the registry to the second user application 108.
  • [0066]
    Using the Registry with Additional Certificates
  • [0067]
    As mentioned above, a registry entry must be created before storing anything in the registry. This is shown in the signalling sequence diagram in FIG. 3a and is similar to the creating procedure in the non-restricted use described above.
  • [0068]
    [0068]301 A “create an entry in the registry” command is sent by the first user application 106 to the registry 104. The command comprises a list of the one or more root certificates requested to be associated to the entry.
  • [0069]
    [0069]302 A restricted entry with the requested associated root certificates is created in the registry 104 and an acknowledgement is sent from the registry 104 to the user application 106.
  • [0070]
    [0070]FIG. 3b is a signalling sequence diagram showing how to store data, a so-called value, in a created entry with restrictions i.e. an associated root certificate, in the registry.
  • [0071]
    [0071]311 A “write a value in the registry” command comprising the entry identity, a certificate that has been signed by a local certification authority (CA), the name of the value and the value, is sent by the first user application 106 to the registry 104.
  • [0072]
    [0072]312 The registry 104 verifies that the certificate specified in the “write a value in
  • [0073]
    the registry” command in step 311 is valid and if so the registry will
  • [0074]
    challenge the user application 106. This may be performed by creating a
  • [0075]
    random data and encrypting the random data with the public key of the
  • [0076]
    certificate specified in the “write a value in the registry” command in step
  • [0077]
    [0077]311. The encrypted data is sent to the first user application 106.
  • [0078]
    [0078]313 The first user application 106 decrypts the data and sends it back to the
  • [0079]
    registry 104.
  • [0080]
    [0080]314 The registry 104 verifies that the encrypted data has been decrypted
  • [0081]
    correctly. If the random data is the same as before the registry 104
  • [0082]
    encrypted it, the value is stored in the registry 104, otherwise a non-acknowledgement
  • [0083]
    is sent to the user application 106.
  • [0084]
    [0084]FIG. 3c is a signalling sequence diagram showing how to read data in a created entry in the registry restricted with an associated root certificate. Anyone can read in an entry in the registry that has got a valid certificate signed or issued by the owner of the root certificate The first user application 106 has created an entry associated with a root certificate in the registry 104, and stored a value in the created entry. The second user application 108 wishes to read the value.
  • [0085]
    [0085]321 The second user application 108 sends a “read a value in the registry”
  • [0086]
    command to the registry 104. The command comprises the entry identity, a
  • [0087]
    certificate that has been signed or issued by the owner of the root certificate
  • [0088]
    and the name of the requested value.
  • [0089]
    [0089]322 The registry 104 will now challenge the second user application 108. This
  • [0090]
    may be performed by creating a random data and encrypting it with the
  • [0091]
    public key, comprised in the certificate specified in the “write a value”
  • [0092]
    command in step 331. The encrypted data is sent to the second user
  • [0093]
    application 108.
  • [0094]
    [0094]323 The second user application 108 decrypts the data with its private key and
  • [0095]
    sends it back to the registry 104.
  • [0096]
    [0096]324 The registry 104 verifies that the encrypted data has been decrypted
  • [0097]
    correctly. If the random data is the same as before the registry 104
  • [0098]
    encrypted it, the requested value is sent to the second user application 108,
  • [0099]
    otherwise a non-acknowledgement is sent to it.
  • [0100]
    Using the Registry with Copy Protection
  • [0101]
    To be capable of storing a value copy protected the user application must download a certificate from the registry 104. It is assumed that the user application previously has created an entry with or without restrictions, both can be used.
  • [0102]
    [0102]FIG. 4a is a signalling sequence diagram showing how to store data, a so-called value, copy protected in the registry such that a user application that reads the stored value can be sure that this is the original value and not a cloned one. This is suitable e.g. for storing electronic tickets (e-tickets). In that case the first user application 106 may be an e-ticket issuer, the registry 104 may be a smart card such as a SIM card in a mobile phone of a person that purchases and uses the e-ticket for some kind of event such as a film, and the second user application 108 may be a ticket receiver e.g. at a cinema, that collects the ticket from the person when he e.g. enters a cinema. The ticket receiver want to be sure that the e-ticket is the one that the person purchased from the ticket issuer and not a cloned copy that he got free of charge from his friend.
  • [0103]
    [0103]401 A first user application 106 combines the value, e.g. an e-ticket, to be stored with a certificate previously downloaded from the registry 104. The first user application 106 signs the value-certificate combination and sends a “write a value in the registry” command comprising the entry identity, the name of the value and the signed combination to the registry 104 for storing.
  • [0104]
    [0104]402 The registry stores the signed combination and sends an acknowledgement to the first user application 106 if the storing is successful, otherwise a non-acknowledgement.
  • [0105]
    [0105]FIG. 4b is a signalling sequence diagram showing how to find out that a read copy-protected value in the registry 104 it is not cloned or manipulated. The second user application 108 wishes to read the value.
  • [0106]
    [0106]411 The second user application 108 sends a “read a value in the registry” command comprising the entry identity, and the value name.
  • [0107]
    [0107]412 The registry returns the value to the second user application 108.
  • [0108]
    [0108]413 The second user application 108 validates the signature of the signed data, extracts the stored certificate and then challenges the registry. The challenge may be performed by encrypting a random number with the public key stored in the certificate and then sending the result to the registry 104.
  • [0109]
    [0109]414 The registry 104 decrypts the challenge data and sends the result to the second user application 108. If the result is the same as the encrypted random number sent to the registry 104 the value is regarded as not copied.
  • [0110]
    The method is implemented by means of a computer program product comprising the software code-means for performing the steps of the method. The computer program product is run on processing means stored in a smart card. The computer program is loaded directly or from a computer usable medium, such as a floppy disc, a CD, the Internet etc
  • [0111]
    The present invention is not limited to the above-described preferred embodiments. Various alternatives, modifications and equivalents may be used. Therefore, the above embodiments should not be taken as limiting the scope of the invention, which is defined by the appending claims.

Claims (19)

  1. 1. A method for a user application (106) to get access to a registry (104) within a smart card,
    creating an entry in the registry (104), which entry is associated with a root certificate, and which root certificate is signed and issued by a Certification Authority (CA) (110);
    any user application (106) sending a request for access to the created entry in the registry (104), said request comprising a certificate issued and signed by said CA, said certificate including a public key, said public key corresponding to a private key that said any user application (106) owns;
    the registry (104) challenging said any user application (106) by means of the obtained public key;
    said any user application (106) responding said challenge by means of its said private key and returning it to the registry (104)
    if the challenge response is successful, said any user application (106) given access to the created entry.
  2. 2. The method according to claim 1 wherein the step of creating an entry is performed by a first user application (106).
  3. 3. The method according the previous claim, wherein said any user application is the first user application (106) that has got access to the created entry for storing a value within said entry.
  4. 4. The method according the previous claim, wherein said any user application is a second user application (108) that has got access to the created entry for storing a value within said entry.
  5. 5. The method according to any of the claims 2-4, wherein said any user application is the first user application (106) that has got access to the created entry for reading a value stored in said entry.
  6. 6. The method according the any of the claims 2-4, wherein said any user application is a second user application (106) that has got access to the created entry for reading a value stored in said entry.
  7. 7. The method according the any of the previous claims, wherein a first value is to be stored in the created entry of the registry (104) such that the value cannot be copied or manipulated, the method comprising the further step of:
    any user application (106) combining the first value to be stored with a certificate obtained from the registry (104),
    the any user application (106) signing said value-certificate combination;
    the any user application (106) sending said signed value-certificate combination to the registry to be stored in the created entry.
  8. 8. The method according to claim 7, wherein any user requires to read said first value, comprising the further step of:
    any user application (106) obtaining said value-certificate combination, comprising the public key from the registry (104)
    said any user application (106) challenging the registry (104) by means of the obtained public key;
    the registry (104) responding said challenge by means of a private key that corresponds to the public key comprised in said certificate and returning it to said any user application (106)
    if the challenge response is successful, the value is regarded as not copied or manipulated.
  9. 9. A computer program product directly loadable into the internal memory of a processing means within a smart card, comprising the software code means for performing the steps of any of the claims 1-8.
  10. 10. A computer program product stored on a computer usable medium, comprising readable program for causing a processing means within a smart card, to control an execution of the steps of any of the claims 1-8.
  11. 11. A smart card database registry (104) wherein any user application (106) may create an entry, which entry is accessible only for, by said any user application, selected user applications characterised in that the registry (104) comprises
    means for creating an entry, which entry is associated with a root certificate, and which root certificate is signed and issued by a Certification Authority (CA) (110);
    means for receiving a request for accessing the created entry in the registry (104) from any user. application (106), said request comprising a certificate issued and signed by the CA, said certificate including a public key, said public key corresponding to a private key that said any user application (106) owns;
    means for using the obtained public key for challenging said any user application (106);
    means for receiving a response of said challenge, encrypted by a private key of said any user application (106);
    means for giving said any user application (106) access if the challenge response is successful.
  12. 12. The smart card database registry (104) according to claim 11, wherein it comprises means for storing a value in a created entry.
  13. 13. The smart card database registry (104) according to any of the claims 11-12, wherein it further comprises means for reading a value in the created entry.
  14. 14. The smart card database registry (104) according to any of the claims 11-13, wherein it comprises a public key and further, a certificate adapted for being sent to a user application requesting it, said certificate comprises a public key corresponding to said private key.
  15. 15. The smart card database registry (104) according to claim 13, wherein said means for storing a value in a created entry, for storing the value such that it can be checked by any user application reading the value whether it is copied or manipulated, comprises:
    means for storing a so-called signed value-certificate combination received from any user application (106), the signed value-certificate combination comprising
    a value to be stored combined with a certificate
    which certificate said any user application (106) has obtained from the registry (104)
    and which value-certificate combination is signed by said any user application (106).
  16. 16. The smart card database registry (104) according to claim 15, wherein the means for reading a value in the created entry comprises means for delivering said stored value-certificate combination, comprising the public key, to a user application (108) requesting it.
  17. 17. The smart card database registry (104) according to claim 15, wherein it further comprises means for responding a challenge from the user application (108) to which it delivered said stored value-certificate combination,
    said challenge being encrypted by said user application (108) by means of the public key within the certificate,
    and which challenge is responded by means of the public key corresponding to said certificate.
  18. 18. A smart card comprising the smart card registry (104) according to any of the claims 11-17.
  19. 19. A mobile terminal comprising the smart card according to claim 18.
US10471844 2001-03-16 2002-02-27 Method and arrangement in a database Abandoned US20040172369A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
SE0100916-6 2001-03-16
SE0100916 2001-03-16
PCT/SE2002/000336 WO2002075677A1 (en) 2001-03-16 2002-02-27 Method and arrangement in a database

Publications (1)

Publication Number Publication Date
US20040172369A1 true true US20040172369A1 (en) 2004-09-02

Family

ID=20283388

Family Applications (1)

Application Number Title Priority Date Filing Date
US10471844 Abandoned US20040172369A1 (en) 2001-03-16 2002-02-27 Method and arrangement in a database

Country Status (3)

Country Link
US (1) US20040172369A1 (en)
EP (1) EP1371034A1 (en)
WO (1) WO2002075677A1 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060105807A1 (en) * 2004-10-25 2006-05-18 Samsung Electronics Co., Ltd. Method for reliably managing database in GSM/GPRS hybrid terminal and hybrid terminal
WO2006066604A1 (en) * 2004-12-22 2006-06-29 Telecom Italia S.P.A. Method and system for access control and data protection in digital memories, related digital memory and computer program product therefor
WO2006089541A2 (en) * 2005-02-28 2006-08-31 Vodafone Holding Gmbh Chip card for a communications device, communications device and method for managing user-specific data
EP1701312A1 (en) * 2005-03-11 2006-09-13 NTT DoCoMo Inc. Authentication device, mobile terminal, and authentication method
WO2007056054A1 (en) * 2005-11-02 2007-05-18 Promethean Storage Llc Content control systems and methods
US7571368B1 (en) 2006-01-26 2009-08-04 Promethean Storage Llc Digital content protection systems and methods
US7996899B1 (en) 2006-02-24 2011-08-09 Hitachi Global Storage Technologies Netherlands B.V. Communication systems and methods for digital content modification and protection
EP2003589A3 (en) * 2007-05-15 2012-05-30 FeliCa Networks, Inc. Authentication information management system, server, method and program
US8243922B1 (en) 2006-02-24 2012-08-14 Hitachi Global Storage Technologies Netherlands B.V. Digital content modification for content protection
CN103107881A (en) * 2011-11-11 2013-05-15 中兴通讯股份有限公司 Access method, device and system of smart card
US8904195B1 (en) * 2013-08-21 2014-12-02 Citibank, N.A. Methods and systems for secure communications between client applications and secure elements in mobile devices
US9177111B1 (en) 2006-11-14 2015-11-03 Hitachi Global Storage Technologies Netherlands B.V. Systems and methods for protecting software
US20160149878A1 (en) * 2014-11-21 2016-05-26 Mcafee, Inc. Protecting user identity and personal information by sharing a secret between personal iot devices

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7119659B2 (en) * 2001-07-10 2006-10-10 American Express Travel Related Services Company, Inc. Systems and methods for providing a RF transaction device for use in a private label transaction
USRE45615E1 (en) 2001-07-10 2015-07-14 Xatra Fund Mx, Llc RF transaction device
JP2003317070A (en) * 2002-04-23 2003-11-07 Ntt Docomo Inc Ic card, mobile terminal, and access control method
DE60329162C5 (en) * 2003-03-03 2016-08-11 Nokia Technologies Oy Security element control method and mobile terminal
CN100363855C (en) 2003-07-04 2008-01-23 诺基亚有限公司 Key storage administration
US20060047954A1 (en) * 2004-08-30 2006-03-02 Axalto Inc. Data access security implementation using the public key mechanism
JP3845106B2 (en) 2005-03-14 2006-11-15 株式会社エヌ・ティ・ティ・ドコモ Mobile terminal, and, authentication method
US20070220498A1 (en) * 2006-03-15 2007-09-20 Madsen Jens O Method, mobile terminal and computer program product for interworking via a card application toolkit

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4831245A (en) * 1986-09-16 1989-05-16 Fujitsu Limited System for data field area acquisition in IC card for multiple services
US5856659A (en) * 1996-03-11 1999-01-05 Koninklijke Ptt Nederland N.V. Method of securely modifying data on a smart card
US6038551A (en) * 1996-03-11 2000-03-14 Microsoft Corporation System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer
US6296191B1 (en) * 1998-09-02 2001-10-02 International Business Machines Corp. Storing data objects in a smart card memory

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1021801B1 (en) * 1997-03-24 2004-11-03 Visa International Service Association A system and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card
CA2347684A1 (en) * 1998-10-27 2000-05-04 Visa International Service Association Delegated management of smart card applications

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4831245A (en) * 1986-09-16 1989-05-16 Fujitsu Limited System for data field area acquisition in IC card for multiple services
US5856659A (en) * 1996-03-11 1999-01-05 Koninklijke Ptt Nederland N.V. Method of securely modifying data on a smart card
US6038551A (en) * 1996-03-11 2000-03-14 Microsoft Corporation System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer
US6296191B1 (en) * 1998-09-02 2001-10-02 International Business Machines Corp. Storing data objects in a smart card memory

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7450962B2 (en) * 2004-10-25 2008-11-11 Samsung Electronics Co., Ltd. Method for reliably managing database in GSM/GPRS hybrid terminal and hybrid terminal
US20060105807A1 (en) * 2004-10-25 2006-05-18 Samsung Electronics Co., Ltd. Method for reliably managing database in GSM/GPRS hybrid terminal and hybrid terminal
US8789195B2 (en) 2004-12-22 2014-07-22 Telecom Italia S.P.A. Method and system for access control and data protection in digital memories, related digital memory and computer program product therefor
WO2006066604A1 (en) * 2004-12-22 2006-06-29 Telecom Italia S.P.A. Method and system for access control and data protection in digital memories, related digital memory and computer program product therefor
WO2006089541A2 (en) * 2005-02-28 2006-08-31 Vodafone Holding Gmbh Chip card for a communications device, communications device and method for managing user-specific data
WO2006089541A3 (en) * 2005-02-28 2006-12-07 Vodafone Holding Gmbh Chip card for a communications device, communications device and method for managing user-specific data
EP1701312A1 (en) * 2005-03-11 2006-09-13 NTT DoCoMo Inc. Authentication device, mobile terminal, and authentication method
US20060212397A1 (en) * 2005-03-11 2006-09-21 Ntt Docomo, Inc. Authentication device, mobile terminal, and authentication method
US20090199005A1 (en) * 2005-03-11 2009-08-06 Ntt Docomo, Inc. Authentication device, mobile terminal, and authentication method
WO2007056054A1 (en) * 2005-11-02 2007-05-18 Promethean Storage Llc Content control systems and methods
US7577809B2 (en) 2005-11-02 2009-08-18 Promethean Storage Llc Content control systems and methods
US7571368B1 (en) 2006-01-26 2009-08-04 Promethean Storage Llc Digital content protection systems and methods
US7966539B2 (en) 2006-01-26 2011-06-21 Hitachi Global Storage Technologies Netherlands B.V. Digital content protection systems and methods
US8243922B1 (en) 2006-02-24 2012-08-14 Hitachi Global Storage Technologies Netherlands B.V. Digital content modification for content protection
US7996899B1 (en) 2006-02-24 2011-08-09 Hitachi Global Storage Technologies Netherlands B.V. Communication systems and methods for digital content modification and protection
US9177111B1 (en) 2006-11-14 2015-11-03 Hitachi Global Storage Technologies Netherlands B.V. Systems and methods for protecting software
EP2003589A3 (en) * 2007-05-15 2012-05-30 FeliCa Networks, Inc. Authentication information management system, server, method and program
CN103107881A (en) * 2011-11-11 2013-05-15 中兴通讯股份有限公司 Access method, device and system of smart card
WO2013067792A1 (en) * 2011-11-11 2013-05-16 中兴通讯股份有限公司 Method, device and system for querying smart card
US8904195B1 (en) * 2013-08-21 2014-12-02 Citibank, N.A. Methods and systems for secure communications between client applications and secure elements in mobile devices
US20160149878A1 (en) * 2014-11-21 2016-05-26 Mcafee, Inc. Protecting user identity and personal information by sharing a secret between personal iot devices
US9769133B2 (en) * 2014-11-21 2017-09-19 Mcafee, Inc. Protecting user identity and personal information by sharing a secret between personal IoT devices

Also Published As

Publication number Publication date Type
EP1371034A1 (en) 2003-12-17 application
WO2002075677A1 (en) 2002-09-26 application

Similar Documents

Publication Publication Date Title
US6880079B2 (en) Methods and systems for secure transmission of information using a mobile device
US7503074B2 (en) System and method for enforcing location privacy using rights management
US7568114B1 (en) Secure transaction processor
US6678821B1 (en) Method and system for restricting access to the private key of a user in a public key infrastructure
US20030236867A1 (en) System for managing program stored in storage block of mobile terminal
US20030114144A1 (en) Application authentication system
US20050010780A1 (en) Method and apparatus for providing access to personal information
US20050138389A1 (en) System and method for making password token portable in trusted platform module (TPM)
US20080184339A1 (en) Remote access of digital identities
US20040088541A1 (en) Digital-rights management system
US20070074034A1 (en) System and method for registering entities for code signing services
US7224805B2 (en) Consumption of content
US20110131421A1 (en) Method for installing an application on a sim card
EP1770586A1 (en) Account management in a system and method for providing code signing services
US20030079133A1 (en) Method and system for digital rights management in content distribution application
US20060085848A1 (en) Method and apparatus for securing communications between a smartcard and a terminal
US20070074033A1 (en) Account management in a system and method for providing code signing services
US20030079122A1 (en) Method, system and computer program product for a trusted counter in an external security element for securing a personal communication device
US20060018484A1 (en) Information processing device, information processing system, and program
EP2113856A1 (en) Secure storage of user data in UICC and Smart Card enabled devices
US20020112161A1 (en) Method and system for software authentication in a computer system
US20050021982A1 (en) Hybrid authentication
US20100287369A1 (en) Id system and program, and id method
US20070079381A1 (en) Method and devices for the control of the usage of content
US20060020811A1 (en) System and method for implementing digital signature using one time private keys

Legal Events

Date Code Title Description
AS Assignment

Owner name: SMARTTRUST SYSTEMS OY, FINLAND

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:PERSSON, JONAS;REEL/FRAME:015305/0752

Effective date: 20040413